RiskIT

Issue 39                                                   Friday, September 2, 2011 

 

HIPAA Audits: A Preparation Checklist

 

 

Self-Assessment, Documentation and Other Key Steps

Conducting a thorough self-assessment is the best way to prepare for the upcoming HIPAA compliance audits, regulators and other experts advise. Other key steps include creating detailed documentation and being ready to describe how security incidents were handled, prove staff members have received training and demonstrate security controls.


Giving Gov't Workers Their Due Respect

 

In Irene's Wake, Government IT Pros Show Their Mettle

 

Government workers get a bum rap. They don't get the respect they rightly deserve.

 

Just ask Kris Rowley, the chief information security officer for the state of Vermont, where government IT and IT security personnel are making big, personal sacrifices as floods inundate the state, heavily damaging a data center in Waterbury, in the wake of Tropical Storm Irene.

 

  


 

 

Guide: How to Pass an IT Audit

 

This guide covers the steps and procedures for passing an IT GRC audit, as told by an enterprise end user who deployed QualysGuard Policy Compliance.

 

As a lead security analyst at a large Fortune 500 financial institution, we're subject to many audits of our IT security.

 

 


    

Potentially Hundreds of Bogus Digital Certificates Issued

 

    

Update 8/31/11: According to a report in SoftPedia, Dutch SSL certificate authority (CA) DigiNotar may have issued hundreds of rogue digital certificates aside from the Google certificate discovered earlier this week.

"This should render all certs signed by DigiNotar untrusted, but Chrome's hardcoded certificate blacklist actually increased by 247 entries. What do these represent? 'Bad DigiNotar leaf certificates for non-Google sites,' according to code comments left by developers," SoftPedia reports.

 


  

 

Small Business Disaster Preparedness
 

Planning and Preparing Tips For Your Small Business: 3 Things You Can Do Right Now to Protect Your Business

 

 

A few years ago, I was attending a meeting at a mid-sized company when I was handed a 400-page document and told that it was the active operational business continuity plan for the business. I opened the binder and by the time I got to the third page, I couldn't read anymore. The plan was so complex and cost-prohibitive that it would have caused more problems than it solved.

 

  


 

 
RiskIT is an email publication provided by Eminere Group.

 

Disaster Recovery Journal

 

 

 

ISACA

 

 

 

HIMSS

 

 
